New ISP, new router
Recently I had to choose another ISP for my home internet connection, and because my previous modem was a bit limited in it’s capabilities I decided it was time to invest in a Cisco 877W Integrated Services Router.
The main reason to choose for the 877W is that I used to work with Cisco appliances, so I’m familiar with IOS and like the CLI to manage the device.
After unpacking the device I connected the serial console cable which comes with the 877W to my laptop and turned on the device. The first step was to make the internal LAN work. My new internet connection comes with 8 public IP addresses, so I had to change my internal LAN from private space to public. Now the LAN part was done I could setup the WAN interface, which took quite some time to figure out how to setup correctly.
While discovering the device it appeared that the preinstalled IOS version was a really old one that goes back to 2006. I decided to load a more recent firmware image, better safe than sorry.
With the following specs I’ve created a configuration that works well for the SurfSnel ADSL product of InterNLnet:
Provider: InterNLnet (SurfSnel ADSL)
Protocol: PPPoA routed (RFC 2364)
Encapsulation: VC MUX
VPI/VCI: 0/35
Authentication: PAP
! version 12.4 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption service sequence-numbers ! hostname router ! boot-start-marker boot-end-marker ! logging buffered 51200 warnings ! no aaa new-model clock timezone CET 1 clock summer-time CET recurring last Sun Mar 2:00 last Sun Oct 3:00 ! dot11 syslog no ip source-route ip cef ! ! ip inspect name firewall appfw firewall ip inspect name firewall tcp ip inspect name firewall udp ip inspect name firewall cuseeme ip inspect name firewall h323 ip inspect name firewall rcmd ip inspect name firewall realaudio ip inspect name firewall streamworks ip inspect name firewall vdolive ip inspect name firewall sqlnet ip inspect name firewall tftp ip inspect name firewall ftp ip inspect name firewall icmp ip inspect name firewall esmtp max-data 52428800 ip inspect name firewall fragment maximum 256 timeout 1 ip inspect name firewall netshow ip inspect name firewall rtsp ip inspect name firewall pptp ip inspect name firewall skinny ip auth-proxy max-nodata-conns 3 ip admission max-nodata-conns 3 ip domain name yourdomain.com ip name-server 217.149.196.6 ip name-server 217.149.192.6 ! appfw policy-name firewall application http strict-http action allow alarm content-type-verification unknown-type match-req-rsp action allow alarm port-misuse tunneling action allow alarm ! ! archive log config hidekeys ! ! interface ATM0 description Physical ADSL (ATM) Interface no ip address no ip proxy-arp no atm ilmi-keepalive dsl operating-mode auto dsl enable-training-log ! interface ATM0.1 point-to-point description ATM subinterface enables PPP over ATM no ip proxy-arp pvc 0/35 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Dot11Radio0 no ip address shutdown speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 station-role root ! interface Vlan1 ip address 145.99.xxx.xxx 255.255.255.248 ip access-group 102 in ip virtual-reassembly ! interface Dialer0 ip address negotiated ip access-group 101 in no ip redirects no ip unreachables no ip proxy-arp ip mtu 1492 ip inspect firewall in ip virtual-reassembly encapsulation ppp dialer pool 1 dialer idle-timeout 0 dialer-group 1 no cdp enable ppp pap sent-username
The above configuration will most likely also work on the 857W! As you’ll probably notice the wireless configuration has not been setup, so later more on this story..